Resources Blog Using Sonatype Nexus Repository 3 – Part 2: npm Packages

Using Sonatype Nexus Repository 3 – Part 2: npm Packages

This is the second part of a series of posts on Sonatype Nexus 3 and how to use it as repository for several technologies. Also available is “Part 1, Maven Artifacts” by Rafael Eyng.

NOTE: We are constantly improving Sonatype Nexus Repository. This blog may no longer be accurate. You can find the latest instructions here.

npm install can take too long sometimes, so it might be a good idea to have a proxy in your own network. And if you can’t just pay the 7 dollars/month to host your packages in the official npm private registry, then you’ll probably benefit from this post.


Check out the first part of this series to see how we installed and ran Sonatype Nexus 3 using a single docker command. Just do that and the installation is done.

Configuring Sonatype Nexus as a npm repo

What we will do:
– create a private (hosted) repository for our own packages
– create a proxy repository pointing to the official registry
– create a group repository to provide all the above repos under a single URL

I suggest you to create a new blob store for each new repo you want to create. That way, the data for every repo will be in a different folder in /nexus-data (inside the Docker container). But this is not mandatory for it to work.

private repo

A repository for npm packages that your team develops.

Create a new npm (hosted) repository and configure it like:

Using Nexus 3 as Repo - 1.png

The deployment policy “Allow redeploy” above might look somewhat polemic, so you might want to set it to “Disable redeploy”. In my use case, it makes sense to use “Allow redeploy”, since we keep a latest version on Sonatype Nexus always updated with the status of the master branch, that is redeployed in our CI flow.

proxy repo

A repository that proxies everything you download from the official npm registry. Next time you download the same dependency, it will be cached in your Sonatype Nexus.

Create a new npm (proxy) repository and configure it like:

Using Nexus 3 as Repo. - 3.png

Using Nexus 3 as Repo - 2.png

group repo

This will group all the above repos and provide you a single URL to configure your clients to download from/deploy to.

Create a new npm (group) repository and configure it like:

Using Nexus 3 as Repo - 4.png

You can create as many repos as you need and group them all in the group repo, but for npm I don’t think that you will need more than 1 proxy and 1 private repos.

Configuring your clients and projects to use your Sonatype Nexus repos

For npm, we will configure the repository per project (unlike Maven, that have some global configs, for instance). I believe that you can configure the authentication globally in your machine, with npm addUser, but I didn’t went that way for simplicity.

If you have a project where you only want to download dependencies from Sonatype Nexus, create a .npmrc file at your project’s root with:


_auth=YWRtaW46YWRtaW4xMjM= is the base64 hash for the credentials (admin/admin123). If you use a different set of credentials, you should compute your own hash with:

echo -n 'myuser:mypassword' | openssl base64

You have to set a user so you can publish packages. If you do this from your local machine, npm publish will use your user configured in ~/.npmrc (in your home, not in your project). If you don’t have this configuration, or if you want to publish from CI, you can set an configuration in your project’s .npmrc. Really, any email.

If you have a project that you want to publish to your Sonatype Nexus, put this in package.json:


  "publishConfig": {
    "registry": "http://your-host:8081/repository/npm-private/"

Note that you publish to your private repo, but when you download, you can point to your group repo, so both your own packages and the packages from the official repo will be available from a single URL.

Now if you run in your projects:

npm install
# or
npm publish

your npm will point to your Sonatype Nexus instance.

Installing npm packages globally


npm --registry http://your-host:8081/repository/npm-group/ install -g your-pac
Picture of Rafael Eyng

Written by Rafael Eyng